Following a slew of high-profile compromises of accounts belonging to media outlets such as AP and satirical news site The Onion, Twitter has finally implemented two-factor authentication to help prevent future ones. Unfortunately, the option is still not available to all users.

The security feature is easily turned on on the Account Settings page, and requires users to associate a mobile phone number with the account so that they could receive the verification code.

"With login verification enabled, your existing applications will continue to work without disruption. If you need to sign in to your Twitter account on other devices or apps, visit your applications page to generate a temporary password to log in and authorize that application," says Jim O'Leary of Twitter's product security team, and points out that the feature is "built on top of Twitter via SMS, so we need to be able to send a text to your phone before you can enroll in login verification (which may not work with some cell phone providers)."

Once the two-factor authentication feature has been enabled, the verification code is sent each and every time the user signs into Twitter via its website.

This first iteration of the feature does not offer persistent application passwords, and it also can't currently be used to secure more than one account.

Unfortunately for me, the feature doesn't work with my mobile operator, and I'm definitely not the only one, but let's hope that all these things will be fixed in the future.

As a side note: Kim Dotcom has chosen this moment to announce that Twitter, Google, Facebook and all other companies that have implemented two-step authentication are infringing his IP rights because of a patent he filed in 1997.

Spotlight

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.